Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Cross-site Scripting (XSS)
yiisoft/yii2-dev <2.0.13 Composer 12 Jun, 2019
  • H
SQL injection
silverstripe/registry >=2.1.0, <2.1.1,>=2.2.0, <2.2.1 Composer 11 Jun, 2019
  • H
SQL injection
silverstripe/restfulserver >=1.0.0, <1.0.9,>=2.0.0, <2.0.4,>=2.5.0, <2.1.2 Composer 11 Jun, 2019
  • M
Cross-Site Request Forgery (CSRF)
silverstripe/framework >=4.0.0, <4.4.0 Composer 11 Jun, 2019
  • H
Cross-site Request Forgery (CSRF)
phpmyadmin/phpmyadmin <4.9.0 Composer 05 Jun, 2019
  • H
SQL Injection
phpmyadmin/phpmyadmin <4.8.6 Composer 05 Jun, 2019
  • M
Cross-site Scripting (XSS)
lartak/humhub >=1.3.12, <1.3.13 Composer 04 Jun, 2019
  • M
Server-side Request Forgery (SSRF)
phpbb/phpbb <3.2.6 Composer 04 Jun, 2019
  • M
Cross-site Scripting (XSS)
grandt/relativepath >=0.0.0 Composer 31 May, 2019
  • M
Cross-site Scripting (XSS)
sylius/grid >=1.0.0, <1.1.0,>=1.1.0, <1.1.19,>=1.2.0, <1.2.18,>=1.3.0, <1.3.13,>=1.4.0, <1.4.5,>=1.5.0, <1.5.1 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS)
sylius/grid-bundle >=1.0.0, <1.1.0,>=1.1.0, <1.1.19,>=1.2.0, <1.2.18,>=1.3.0, <1.3.13,>=1.4.0, <1.4.5,>=1.5.0, <1.5.1 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS)
sylius/sylius >=1.0.0, <1.1.0,>=1.1.0, <1.1.18,>=1.2.0, <1.2.17,>=1.3.0, <1.3.12,>=1.4.0, <1.4.4 Composer 22 May, 2019
  • M
Cross-site Scripting (XSS)
drupal/term_reference_tree >=1.0.0, <1.11.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE)
drupal/media >=2.0.0, <2.19.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE)
drupal/tmgmt >=1.0.0, <1.7.0 Composer 21 May, 2019
  • H
Remote Code Execution (RCE)
drupal/video >=1.0.0, <1.4.0 Composer 21 May, 2019
  • M
Arbitrary File Upload
drupal/uuid >=1.0.0, <1.1.0 Composer 21 May, 2019
  • M
Access Restriction Bypass
drupal/filefield_sources >=1.0.0, <1.11.0 Composer 21 May, 2019
  • M
Denial of Service (DoS)
drupal/password_policy >=1.0.0, <1.16.0 Composer 21 May, 2019
  • M
Cross-site Scripting (XSS)
drupal/bootstrap >=3.0.0, <3.14.0 Composer 21 May, 2019
  • M
Information Disclosure
drupal/entity >=1.0.0, <1.9.0 Composer 21 May, 2019
  • M
Cross-site Scripting (XSS)
drupal/eu_cookie_compliance >=1.0.0, <1.1.0 Composer 21 May, 2019
  • M
Access Restriction Bypass
drupal/workbench_moderation >=1.0.0, <1.4.0 Composer 21 May, 2019
  • M
Directory Traversal
piwik/piwik >=3.9.0, <3.10.0 Composer 20 May, 2019
  • M
Cross-site Scripting (XSS)
ezsystems/ezplatform-admin-ui >=1.3.0, <1.3.5,>=1.4.0, <1.4.4 Composer 16 May, 2019
  • M
Server-Side Request Forgery (SSRF)
iignatov/lightopenid <1.3.0 Composer 10 May, 2019
  • H
Deserialization of Untrusted Data
typo3/phar-stream-wrapper >=1.0.0, <2.0.1,>=3.0.0, <3.0.1 Composer 09 May, 2019
  • H
Deserialization of Untrusted Data
typo3/phar-stream-wrapper >=2.0.0, <2.1.1,>=3.0.0, <3.1.1 Composer 09 May, 2019
  • H
Deserialization of Untrusted Data
typo3/phar-stream-wrapper >=2.0.0, <2.1.1,>=3.0.0, <3.1.1 Composer 09 May, 2019
  • M
Cross-site Scripting (XSS)
intelliants/subrion >0.0.0 Composer 08 May, 2019